# ai-plugin-scanner > Security and best-practices scanner for AI Plugins, covering Codex, Claude, Opencode, Gemini & more. Scores trust for plugins 0-100. - **URL**: https://www.freshcrate.ai/projects/ai-plugin-scanner - **Author**: hashgraph-online - **Category**: MCP Servers - **Latest version**: `main@2026-05-16` (2026-05-16) - **License**: NOASSERTION - **Source**: https://github.com/hashgraph-online/ai-plugin-scanner - **Homepage**: https://hol.org/registry/plugins - **Language**: Python - **GitHub**: 158 stars, 3 forks - **Registry**: github (`hashgraph-online/ai-plugin-scanner`) - **Tags**: `cli`, `codex`, `codex-plugins`, `mcp`, `plugin-scanner`, `python`, `scanner`, `security` ## Description Security and best-practices scanner for AI Plugins, covering Codex, Claude, Opencode, Gemini & more. Scores trust for plugins 0-100. ## Recent releases | Version | Date | Urgency | Changes | | --- | --- | --- | --- | | `main@2026-05-16` | 2026-05-16 | High | Latest activity on main branch | | `v2.0.244` | 2026-05-14 | High | ## v2.0.244 ### What's Changed - fix(guard): preserve find predicate literals (3fedfe1) - fix(guard): reduce ssh and wget pipeline false positives (cb49987) - fix(guard): parse ssh option values (8e037fd) - fix(guard): skip ssh local query modes (b685510) - fix(guard): reject find lookup redirections (51ddd98) - fix(guard): block find fprint0 writes (e92d904) - fix(guard): close stdin upload bypasses (2a0b772) - fix(guard): block find ok execution actions (7436bfc) - fix(guard): keep find delet | | `v2.0.138` | 2026-05-08 | High | ## v2.0.138 ### What's Changed ### Installation Base install: ```bash uv tool install hol-guard==2.0.138 ``` ```bash uv tool install plugin-scanner==2.0.138 ``` Full Cisco coverage on Python 3.11+: ```bash uv tool install "hol-guard[cisco]==2.0.138" ``` ```bash uv tool install "plugin-scanner[cisco]==2.0.138" ``` ```bash docker pull ghcr.io/hashgraph-online/ai-plugin-scanner:2.0.138 ``` **Full Changelog**: https://github.com/hashgraph-online/ai-plugin-scanner/compare/v2.0.137...v2.0.138 | | `v2.0.92` | 2026-05-02 | High | ## v2.0.92 ### What's Changed - feat(guard): add hosted runtime cloud cli (#200) (ac52c29) ### Installation Base install: ```bash uv tool install hol-guard==2.0.92 ``` ```bash uv tool install plugin-scanner==2.0.92 ``` Full Cisco coverage on Python 3.11+: ```bash uv tool install "hol-guard[cisco]==2.0.92" ``` ```bash uv tool install "plugin-scanner[cisco]==2.0.92" ``` ```bash docker pull ghcr.io/hashgraph-online/ai-plugin-scanner:2.0.92 ``` **Full Changelog**: https://github.com/hashgraph | | `v2.0.78` | 2026-04-27 | High | ## v2.0.78 ### What's Changed - fix(guard): redact protect output (#182) (c2629c9) ### Installation Base install: ```bash uv tool install hol-guard==2.0.78 ``` ```bash uv tool install plugin-scanner==2.0.78 ``` Full Cisco coverage on Python 3.11+: ```bash uv tool install "hol-guard[cisco]==2.0.78" ``` ```bash uv tool install "plugin-scanner[cisco]==2.0.78" ``` ```bash docker pull ghcr.io/hashgraph-online/ai-plugin-scanner:2.0.78 ``` **Full Changelog**: https://github.com/hashgraph-online/ | | `v2.0.50` | 2026-04-22 | High | ## v2.0.50 ### What's Changed - fix(guard): harden codex hook shell approvals (#152) (7b39f47) ### Installation Base install: ```bash uv tool install hol-guard==2.0.50 ``` ```bash uv tool install plugin-scanner==2.0.50 ``` Full Cisco coverage on Python 3.11+: ```bash uv tool install "hol-guard[cisco]==2.0.50" ``` ```bash uv tool install "plugin-scanner[cisco]==2.0.50" ``` ```bash docker pull ghcr.io/hashgraph-online/ai-plugin-scanner:2.0.50 ``` **Full Changelog**: https://github.com/hashg | | `v2.0.45` | 2026-04-21 | High | ## v2.0.45 ### What's Changed - fix(guard): harden claude code enforcement (#148) (ba7dfa2) ### Installation Base install: ```bash uv tool install hol-guard==2.0.45 ``` ```bash uv tool install plugin-scanner==2.0.45 ``` Full Cisco coverage on Python 3.11+: ```bash uv tool install "hol-guard[cisco]==2.0.45" ``` ```bash uv tool install "plugin-scanner[cisco]==2.0.45" ``` ```bash docker pull ghcr.io/hashgraph-online/ai-plugin-scanner:2.0.45 ``` **Full Changelog**: https://github.com/hashgrap | | `v2.0.44` | 2026-04-21 | High | ## v2.0.44 ### What's Changed - deps(pip): update ruff requirement from >=0.15.10 to >=0.15.11 (#138) (9619b10) ### Installation Base install: ```bash uv tool install hol-guard==2.0.44 ``` ```bash uv tool install plugin-scanner==2.0.44 ``` Full Cisco coverage on Python 3.11+: ```bash uv tool install "hol-guard[cisco]==2.0.44" ``` ```bash uv tool install "plugin-scanner[cisco]==2.0.44" ``` ```bash docker pull ghcr.io/hashgraph-online/ai-plugin-scanner:2.0.44 ``` **Full Changelog**: https:/ | | `v2.0.43` | 2026-04-21 | High | ## v2.0.43 ### What's Changed - deps(actions): bump github-actions-all group with 7 updates (#139) (58c5b01) ### Installation Base install: ```bash uv tool install hol-guard==2.0.43 ``` ```bash uv tool install plugin-scanner==2.0.43 ``` Full Cisco coverage on Python 3.11+: ```bash uv tool install "hol-guard[cisco]==2.0.43" ``` ```bash uv tool install "plugin-scanner[cisco]==2.0.43" ``` ```bash docker pull ghcr.io/hashgraph-online/ai-plugin-scanner:2.0.43 ``` **Full Changelog**: https://gi | | `v2.0.42` | 2026-04-21 | High | ## v2.0.42 ### What's Changed - fix(guard): serialize daemon startup (#147) (039ebf9) ### Installation Base install: ```bash uv tool install hol-guard==2.0.42 ``` ```bash uv tool install plugin-scanner==2.0.42 ``` Full Cisco coverage on Python 3.11+: ```bash uv tool install "hol-guard[cisco]==2.0.42" ``` ```bash uv tool install "plugin-scanner[cisco]==2.0.42" ``` ```bash docker pull ghcr.io/hashgraph-online/ai-plugin-scanner:2.0.42 ``` **Full Changelog**: https://github.com/hashgraph-onli | ## Dependency audit - **Score**: 98/100 - **Total deps**: 0 - **Resolved**: 0 - **Unresolved**: 0 - **License conflicts**: 0 - **Warnings**: 1 - **Scanned**: 2026-05-18 ## Citation - HTML: https://www.freshcrate.ai/projects/ai-plugin-scanner - Markdown: https://www.freshcrate.ai/projects/ai-plugin-scanner.md - Dependencies JSON: https://www.freshcrate.ai/api/projects/ai-plugin-scanner/deps _Generated by freshcrate.ai. Indexes github releases for AI-agent ecosystem packages._